Security Automation

VaultGo

A tool for secrets management, encryption as a service, and privileged access management.

VaultGo

A tool for securely accessing secrets, providing encryption as a service, and managing privileged access.

Incident Response

A curated list of tools and resources for digital forensics and incident response (DFIR) teams.

Golang Security CheckerGo

A static analysis tool that scans Go source code for security vulnerabilities by analyzing the AST and SSA representations.

CalderaPython

An automated cyber security platform for adversary emulation, red teaming, and incident response built on the MITRE ATT&CK framework.

Infection MonkeyPython

An open-source adversary emulation platform that simulates malware attacks to test and improve network security defenses.

Recon-ngPython

A modular reconnaissance framework for conducting open source intelligence (OSINT) gathering from web-based sources.

Cybersecurity Blue Team

A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

AstraPython

An automated security testing framework for REST APIs that detects vulnerabilities like SQL injection, XSS, and CSRF.

Elastic Detection RulesPython

A public repository for developing, testing, and maintaining detection rules for Elastic Security's SIEM, with tools for Detections as Code.

ShuffleJavaScript

An open-source security automation platform (SOAR) built for security professionals, focusing on collaboration and resource sharing.

Policy SentryPython

Automatically generate least-privilege IAM policies for AWS based on resource ARNs and access levels.

policy_sentryPython

Automatically generate least-privilege IAM policies for AWS by specifying resource ARNs and access levels.

GSILPython

Monitor GitHub for sensitive information leaks in near real-time and send alert notifications.

hate_crackPython

A command-line tool that automates password cracking methodologies through Hashcat with integrated wordlist management and attack orchestration.

KansaPowerShell

A modular PowerShell framework for enterprise incident response and breach hunting using remote data collection.

KansaPowerShell

A modular PowerShell framework for enterprise incident response and breach hunting using remote data collection.

emalderson/thephishPython

An automated phishing email analysis tool that extracts observables, integrates with TheHive/Cortex/MISP, and calculates verdicts.

StrongholdPython

A command-line tool to securely configure macOS security and privacy settings with a single command.

IntelMQPython

A security feed collection and processing solution for IT security teams using message queuing protocols.

Awesome SOAR

A curated awesome list of resources for Security Orchestration, Automation and Response (SOAR) technologies.

List of various Security APIs

A curated collection of public JSON APIs for cybersecurity professionals, covering threat intelligence, malware analysis, and security tools.

LonkeroRust

A professional-grade web security scanner for penetration testing with intelligent, context-aware scanning and proof-based vulnerability detection.

ThreatIngestorPython

An extendable Python tool to extract and aggregate Indicators of Compromise (IOCs) from various threat intelligence feeds.

ThreatIngestorPython

An extendable Python tool to extract and aggregate Indicators of Compromise (IOCs) from various threat intelligence feeds.

rust-auditRust

Embed dependency information into Rust binaries for vulnerability auditing in production.

CombinePython

A tool to gather and enrich threat intelligence indicators from publicly available sources into a structured CSV format.

LeonidasPython

A framework for executing and detecting cloud attacker TTPs via YAML definitions, generating APIs, Sigma rules, and documentation.

iocextractPython

A Python library and CLI for extracting and refanging defanged Indicators of Compromise (IOCs) from text.

Insider CLIGo

A static application security testing (SAST) CLI tool that scans source code for OWASP Top 10 vulnerabilities across multiple programming languages.

Phantom Community PlaybooksPython

Default playbooks and custom functions for Splunk SOAR (formerly Phantom) security orchestration and automation platform.

CatalystVue

A self-hosted incident response platform that automates alert handling and ticket management for security teams.

PSReconPowerShell

A PowerShell script for live forensic data acquisition and endpoint lockdown during Windows incident response.

PSReconPowerShell

A PowerShell script for live forensic data acquisition and endpoint lockdown during Windows incident response.

cloud-inquisitorPython

A security tool for AWS that enforces resource ownership, detects domain hijacking, and verifies security services.

SOC Multi-toolJavaScript

A browser extension that streamlines security investigations by providing quick lookups for IPs, domains, hashes, and other indicators.